NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] secure remote



Dima,
Am I to understand that the userid/cn for the cert reference is the same as the object ID being used in the destination?  This is obviously a problem.  This is one of a few scenarios that will yield the user is not defined properly message.  Usually, though, it is an encryption level problem, where the database specified that the user needs 3des and only has a des client.

Do you mind letting me know which LDAP, and cert system you are using?

Thanks, 
CryptoTech

Dmitry Bukin wrote:

Hi all!I use FW 4.1I want to establish connection between server and remote user using IKE with CA.I describe the user. User has name the same as CN at his certtificate (CN=ntws49). User Authentication is unknown. Encription is IKE. IKE properties are public key. User is added to group which has name "sr_grp".The rule is as below:------------------------------------------------------------------sr_grp@all    ntws59    Any    Client Encription    Long------------------------------------------------------------------ntws59 description:ip:X.X.X.59, Location: Internal, Type:Host The problem. Then I ping ntws59 from ntws49 I view at log next string:-----------------------------------------------------------IKE log: Phase 1 completionClient Encription: The user is not defined properlyIKE log: Sent Notification <phase2 stage1>---------------------------------------------------------------Please help me to fix this problem. What I do wrong?If you need informations in addition I present it.Best regards,Dmitry BukinE-mail: [email protected] 


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.